- WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently steal session data and possibly access admin areas of your website. WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool version 1.7.14 is vulnerable; prior versions may also be affected.
- Update to plugin version 1.7.15 or latest
- WordPress Plugin FireStorm Professional Real Estate Multiple SQL Injection Vulnerabilities (2.05.01)
- WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.17)
- WordPress Plugin Timesheet by BestWebSoft Cross-Site Scripting (0.1.4)
- WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)
- WordPress Plugin WP GPX Maps 'wp-gpx-maps_admin_tracks.php' Arbitrary File Upload (1.1.22)